https://community.hpe.com/t5/operating-system-hp-ux/restricting-telnet-access/m-p/3703459#M249773 It will be a little hard to restrict by user, what you could do is to check if you can pass the port to listen to the telnet daemon and change it. Configure your sesions to connect to the specified port. Anyway tcpwrappers seems to be more apropiate. Thu, 05 Jan 2006 15:47:59 GMT Ivan Ferreira 2006-01-05T15:47:59Z https://community.hpe.com/t5/operating-system-hp-ux/restricting-telnet-access/m-p/3703455#M249769 Hi All,<BR /><BR />I want to restrict telnet access for everyone except myself (root) and some other users.<BR /><BR />Everyone else uses telnets (secure telnet) however they still have a telnet icon on their desktop which will take weeks to remove (so says the windows sys admin).<BR /><BR />thanks,<BR /><BR />ap. Thu, 05 Jan 2006 08:37:30 GMT https://community.hpe.com/t5/operating-system-hp-ux/restricting-telnet-access/m-p/3703455#M249769 A Pandey 2006-01-05T08:37:30Z https://community.hpe.com/t5/operating-system-hp-ux/restricting-telnet-access/m-p/3703456#M249770 You can either use tcpwrappers or or edit each users profile to restrict telnet access. Thu, 05 Jan 2006 08:47:55 GMT https://community.hpe.com/t5/operating-system-hp-ux/restricting-telnet-access/m-p/3703456#M249770 George_Dodds 2006-01-05T08:47:55Z https://community.hpe.com/t5/operating-system-hp-ux/restricting-telnet-access/m-p/3703457#M249771 Use TCP wrappers<BR /><BR />Download and install the TCP Wrapper depot from the HP website<BR /><BR /> <BR />The files are installed in two directories<BR /> /usr/lbin<BR /> /usr/newconfig/etc<BR /><BR /> Make the following directories<BR /> /usr/lbin/wrapper<BR /> /usr/local/sbin/messages<BR /> /usr/local/sbin/messages/reject<BR /><BR />Move the original telnet daemon file<BR /> mv /usr/lbin/telnetd /usr/lbin/wrapper/telnetd<BR /><BR />Copy the tcpd file<BR /> cp /usr/lbin/tcpd /usr/lbin/telnetd<BR /><BR /> Copy the configuration files<BR />cp /usr/newconfig/etc/hosts.allow /etc/hosts.allow<BR />cp /usr/newconfig/etc/hosts.deny /etc/hosts.deny<BR />cp /usr/newconfig/etc/tcpd.conf /etc/tcpd.conf<BR /><BR />Customize the /etc/hosts.allow file<BR /> Add the following line to the end of the file:<BR /><BR /> telnetd : hostnames<BR /><BR /> Customize the /etc/hosts.deny file<BR />Add the following line to the end of the file<BR />Telnetd : ALL : BANNERS /usr/local/sbin/messages/reject<BR /><BR />Customize the /etc/tcpd.conf file<BR /> Remove the remark from the rfc931_timeout line<BR /><BR />Create the BANNER file<BR />The file name must be the same as the daemon being manipulated â in the case telnetd<BR /> Change to /usr/local/sbin/messages/reject<BR /> Create a file called telnetd with the following entry:<BR /><BR />WARNING!!<BR /><BR />The system you are attempting to connect to does not allow telnet sessions<BR /> <BR /><BR />Force the inet daemon to re-read the configuration file<BR /><BR /> inetd â c<BR /><BR /> <BR /> Thu, 05 Jan 2006 08:53:44 GMT https://community.hpe.com/t5/operating-system-hp-ux/restricting-telnet-access/m-p/3703457#M249771 DCE 2006-01-05T08:53:44Z https://community.hpe.com/t5/operating-system-hp-ux/restricting-telnet-access/m-p/3703458#M249772 check out inetd.sec file .<BR /><BR />Man inetd.sec , you can allow telnet ,<BR />from particular host and disable from all other hosts on the network .<BR /><BR /><BR />thx,<BR />bl. Thu, 05 Jan 2006 08:57:05 GMT https://community.hpe.com/t5/operating-system-hp-ux/restricting-telnet-access/m-p/3703458#M249772 baiju_3 2006-01-05T08:57:05Z https://community.hpe.com/t5/operating-system-hp-ux/restricting-telnet-access/m-p/3703459#M249773 It will be a little hard to restrict by user, what you could do is to check if you can pass the port to listen to the telnet daemon and change it. Configure your sesions to connect to the specified port. Anyway tcpwrappers seems to be more apropiate. Thu, 05 Jan 2006 15:47:59 GMT https://community.hpe.com/t5/operating-system-hp-ux/restricting-telnet-access/m-p/3703459#M249773 Ivan Ferreira 2006-01-05T15:47:59Z